package com.demo.config.security;

import com.demo.config.security.jump.AutenticationSuccess;
import com.demo.config.security.jump.ErrorAuthentication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * <p></p>
 *@author zwy
 *@date 2025/3/2 15:21
*/
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    //创建登陆成功的执行器对象
    private AutenticationSuccess as = new AutenticationSuccess();

    //创建登陆失败之后的执行器对象
    private ErrorAuthentication ea = new ErrorAuthentication();

    /**
     *由于登陆的过程当中需要密码加密的机制处理，所以我们需要在容器当中给出密码加密器对象
     *密码加密器对象是有由一个接口规定的：PaswordEncoder 下面有很多不同算法的实现类
     */
    @Bean
    public PasswordEncoder createPe() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //关闭掉默认的认证登陆
        http.httpBasic().disable()
                //关闭掉跨站伪造攻击的默认防御系统
                .csrf().disable()
                //配置请求的拦截方式
                .authorizeRequests()
                //配置匹配哪些请求需要放行
//               "/swagger/**"
//                "/v2/api-docs"
//            "/swagger-ui.html"
//               "/webjars/**"
//              "/swagger-resources/**"
//           "/images/**"
//             /img/**"
//                /modelFiles/**"
//               "
//               /doc.html"
//              /*.html"
//                /*.js"
//      "/*.css"
//             "/login.html"
//            "/login2.html"
//                "/login/**"
//          "/favicon.ico"
//            /captcha.jpg"
                .antMatchers("/","/**").permitAll()
		      .anyRequest().authenticated()
                .and()
                //进行自定义表单登陆配置
                .formLogin()
		      .loginPage("/login")
			  .loginProcessingUrl("/404")
                .permitAll()
                .successHandler(as)
                .failureHandler(ea);
    }
}
